Skip to main content

4 Steps to Secure Your Google and Gmail Accounts

  |  Rachael Roth

Your Gmail is linked to everything you do online. Secure your Google account with these tips to help guarantee its safety from hackers. 

One of the most convenient aspects of your Google account is also one of the worst: It’s connected to many other apps that you use. 

Sure, signing into another account through Google can save tons of time and frustration. The downside? You’re giving third-party apps the same permission that you give your Google account, which has troves of personal information about you. You trust may trust some of those apps as much as you trust Google with your data, but not all. 

Plus, there are other ways to make your Gmail airtight that you might be neglecting. This is your sign to make your Google account more secure. 

How do I secure my Google account?

Follow these four steps to secure your Google account and Gmail. 

1. Use a strong, unique password 

Passwords are the gatekeepers for all of our sensitive data. A weak password is to hackers what a welcome mat is to vampires: an invitation to come on in! A strong password to protect your Gmail is key.

Rather than trying to come up with a password that’s both strong and memorable, let Dashlane’s Password Generator create one for you. With the Dashlane password manager app, the generator is built in. If you’re signed in to Dashlane on your browser or mobile or desktop app, Password Generator will appear any time you’re on a new site and are prompted to create a new password, including for your Google or Gmail accounts. You can generate a password to the site’s specifications, including length and required characters, letters, cases, and digits. 

2. Set up 2-factor authentication 

Two-factor authentication (2FA) is one of the best ways to protect your personal data online. If you try—or someone pretending to be you tries—to log in to your Google account, you’ll be immediately notified through another method that you set up for authentication. Because the notification is sent at the time of an attempted login, your chances of thwarting a hacker’s attempts are high. 

Your choice of verification also matters. Apps like Duo will send a push notification to your phone that you can click to accept, or it will prompt you to enter a 6-digit code that expires after a short amount of time. Because your phone is likely to be with you at all times and has its own built-in authentication like facial recognition, this method is highly secure. 

To do this, go to and scroll to the third section, “Signing Into Google.” 2FA can be set up and controlled from here. 

Check your backup contact method 

How long has it been since you’ve updated your recovery email or contact method? It’s not something we spend too much time thinking about, but it is important for security reasons. It’s possible that your backup methods are not as secure as your current Google account—maybe your phone number has changed or your recovery email just exists to collect spam and has a weak password. 

You can review and change your backup security methods on your account’s security page under “Ways we can verify it's you.”

4. Clean up apps that have permission to access your account

These days, many apps give you the option of creating a new account using your Google credentials. While this can simplify the login process, it’s always important to read the fine print: What permissions are you granting those third-party apps by signing in with your Google or Gmail account? 

With a password manager, you can create unique and strong passwords for every account you have; you also won’t need to remember or type them in. Once logged in to your password manager, your accounts will be autofilled with your credentials. Because you need to create one master password (which your password manager will ensure is strong), this is much safer than having one login for multiple third-party accounts through Google. Remember, even storing passwords in your browser is not entirely secure

To review which third-party apps are tied to your Google account, go to and scroll down to find the “Third-party apps with account access” section. From here you can manage permissions and revoke access to each app individually. Google also automatically blocks apps and devices that it deems unsecure. You can turn this feature off, but it’s not recommended. 

In summary: Secure your Google and Gmail accounts today

Using these four steps, it's simple to secure some of your most critical and sensitive accounts.

Interact with the most used features in a password manager on our Password Generator page.

Sign up to receive news and updates about Dashlane